Comments (4)
philclifford
commented on August 19, 2024
They've moved their keyfile - hence the 404.
Unless they provide a URL for the public key we'll probably have to deprecate support for nala and recommend their own installer script. Otherwise we'd need to wrap their installer script to get their keyfile deb (as well as the release deb?), but that seems pointless.
[email protected] may know where they key URL is now, if it remains accessible.
from deb-get.
philclifford
commented on August 19, 2024
zcat /usr/share/doc/volian-archive-keyring/NEWS.Debian.gz|more
volian-archive (0.3.1) unstable; urgency=medium
The Scar repo is being replaced by the Nala repo.
Scar will be reused for another purpose.
It is recommended to run `apt install volian-archive-nala`
to make sure it is marked as manually installed.
Followed by `apt purge volian-archive-scar` to get rid of that.
-- Blake Lee <[email protected]> Thu, 09 May 2024 04:04:32 +0000
from deb-get.
volitank
commented on August 19, 2024
Hi I'm the Nala developer,
I figured I would respond here instead of in email, that way others can see the discussion. And my apologies for the slow response.
The key can still be obtained from our Git repo for the archive.
https://gitlab.com/volian/volian-archive/-/blob/main/volian-archive-scar-unstable.gpg?ref_type=heads
As you linked we have changed repositories. Removing the key from the web server was a step taken to figure out those who may be using it outside of the .deb that we provide for the repos.
I have a plan tho, and will create a PR soon to resolve this issue. It is worth noting though that the repository contains updated dependencies for some distros that need them, such as Debian Bullseye, or Ubuntu 20.04. This means just raw dog installing the repo will cause some python libraries to be updated to Sid versions. This does have potential to break system utilities that depend on those same libraries. I have not seen or heard of this happening yet, but it is always a risk.
The archive deb we ship sets up a preferences file that will only pull in Nala from that repo unless you use the apt -t switch to set it as the target release, or if you remove that preferences file. I am not really familiar with deb-get outside of knowing the name, but my understanding is that using it to install Nala in this way would not provide the protections our preferences file does.
from deb-get.
volitank
commented on August 19, 2024
I added the key back to the webserver but named nala.key. This way I can fix it for your users but also keep it broken for anyone else who was using it directly. Now that I know deb-get uses it, I can coordinate any future changes.
from deb-get.
Related Issues (20)
- atuin will no longer build deb packages
- Unable to update webex
- App request: kando
- Request: wthrr-the-weathercrab
- App request: MQTTX
- Request: SiriKali
- [feature request] deb-get upgrade respect --repos-only
- deb-get unable to find du-dust and fastfetch HOT 2
- update stops whenever it encounters an error with some packages HOT 1
- Obsidian changed their version scheme
- Re-add Picocrypt HOT 10
- feat: add ntfy
- Request: Ueli
- Request: TickTick
- Elementary is not supported HOT 2
- Request: xh
- Request: neovim HOT 2
- get_filename_from_url: command not found & micro installed every time from deb-get HOT 3
- bug: micro nightly releases causing continual attempts to update HOT 9
- bug: fastfetch URL has changed
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from deb-get.